944 Open source projects that are alternatives of or similar to Sec Admin

Security Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.

巡风是一款适用于企业内网的漏洞快速应急，巡航扫描系统。

SEC分布式资产扫描系统

Web-based Source Code Vulnerability Scanner

Exploitation Framework for Embedded Devices

All-in-one tool for managing vulnerability reports from AppSec pipelines

Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.

Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework

Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.

SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈

被动式漏洞扫描系统

Backend logic implementation for Vulnerability Management System

MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.

The Web Exploit Detector is a Node.js application used to detect possible infections, malicious code and suspicious files in web hosting environments

Web Application Security Scanner Framework

The fastest dork scanner written in Go.

Vulners Python API wrapper

hacker, ready for more of our story ! 🚀

iblessing is an iOS security exploiting toolkit, it mainly includes application information collection, static analysis and dynamic analysis. It can be used for reverse engineering, binary analysis and vulnerability mining.

Pentest Report Generator

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

OWASP Joomla Vulnerability Scanner Project

Automatic SQL injection with Charles and sqlmap api

Web path scanner

🆕 The Multi-Tool Web Vulnerability Scanner.

A powerful hacker toolkit collected more than 10 categories of open source scanners from Github - 安全行业从业者自研开源扫描器合辑

Biu-framework🚀 Security Scan Framework For Enterprise Intranet Based Services(企业内网基础服务安全扫描框架)

Open-Source Security Architecture | 开源安全架构

Advanced dork Search & Mass Exploit Scanner

Linux vulnerability scanner based on Salt Open and Vulners audit API, with Slack notifications and JIRA integration

Snoop — инструмент разведки на основе открытых данных (OSINT world)

📚 Overview 🔒 Tooling 🔒 Process 🔒 Physical 🔒 People 📚

Pentest Tools Framework is a database of exploits, Scanners and tools for penetration testing. Pentest is a powerful framework includes a lot of tools for beginners. You can explore kernel vulnerabilities, network vulnerabilities

Dradis Framework: Colllaboration and reporting for IT Security teams

A Docker Image For the Open Vulnerability Assessment Scanner (OpenVAS)

Scanner, signatures and the largest collection of Magento malware

RouterOS Security Research Tooling and Proof of Concepts

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

Perun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

Remote command execution vulnerability scanner for Log4j.

Open Vulnerability Assessment Scanner - Scanner for Greenbone Vulnerability Management (GVM)

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

A Ruby framework designed to aid in the penetration testing of WordPress systems.

Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

A scanner for Moodle LMS

The Swiss Army knife for automated Web Application Testing

pentest framework

Tool for information gathering, IPReverse, AdminFInder, DNS, WHOIS, SQLi Scanner with google.

GDA is a new fast and powerful decompiler in C++(working without Java VM) for the APK, DEX, ODEX, OAT, JAR, AAR, and CLASS file. which supports malicious behavior detection, privacy leaking detection, vulnerability detection, path solving, packer identification, variable tracking, deobfuscation, python&java scripts, device memory extraction, dat…

A toolkit for Security Researchers

Automated NoSQL database enumeration and web application exploitation tool.

This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.

Arissploit Framework is a simple framework designed to master penetration testing tools. Arissploit Framework offers simple structure, basic CLI, and useful features for learning and developing penetration testing tools.

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

Misc. Public Reports of Penetration Testing and Security Audits.

Rapidly scan filesystems for Java programs potentially vulnerable to Log4Shell (CVE-2021-44228) or "that Log4j JNDI exploit" by inspecting the class paths inside files

The Correlated CVE Vulnerability And Threat Intelligence Database API